Advanced WAF v16.0 - Declarative API
Thanks! Is there a way to push JSON file with F5 Ansible module like "bigip_asm_policy_import". I know that probably the URI Ansbile module will do the trick but I am looking for a native way to push the ASM policy and then use the new " bigip_as3_deploy" module (the new way to push AS3 Declarations and I made an article about it https://community.f5.com/t5/codeshare/comparison-between-deploying-as3-or-fast-iapp-declarations-with/ta-p/309613 ) to deploy the AS3 declaration that will reference the pushed policy.
I tried to replace "url": "http://10.1.20.4/root/as3-waf-api/-/raw/master/policy-api.json" with the ASM policy but if I do not want to host the ASM polcy on git then I see the option I mentioned as pushing the ASM policy to the F5 and then referencing it in the AS3.
Edit:
I think with the Ansible URI module I can script the file upload commands (the bigip_asm_policy_import seems to have issues so the URI module seems the better option for file upload and then making the asm policy from the file upload) as have for other stuff but still a native Ansible module that can also auto calculate the "Content-Range" header for file upload will really be helpfull but as you mentioned using the "Pull" could be an option.
Managed to make it work with the URI module, just for some reason the F5 thinks the files are the wrong falue and this seems like a bug.
"message": "Chunk byte count 402 in Content-Range header different from received buffer length 394",
└─# stat -c%s asm_policy.json
665
tasks:
- name: PUSH FILE WAF
uri:
url: "https://{{ ansible_host }}/mgmt/tm/asm/file-transfer/uploads/asm_policy.json"
method: POST
body: "{{ lookup('template','asm_policy.json', split_lines=False) }}"
status_code: 200
timeout: 300
body_format: json
force_basic_auth: yes
user: "{{ ansible_user }}"
password: "{{ ansible_httpapi_password }}"
validate_certs: no
headers:
Content-Range: 0-393/394
Content-Type: application/octet-stream
- name: PUSH WAF
uri:
url: "https://{{ ansible_host }}/mgmt/tm/asm/tasks/import-policy"
method: POST
body: "{{ lookup('template','asm_config.json', split_lines=False) }}"
status_code: 201
timeout: 300
body_format: json
force_basic_auth: yes
user: "{{ ansible_user }}"
password: "{{ ansible_httpapi_password }}"
validate_certs: no
headers:
Content-Type: application/javascript